//package com.hzsai.config;
//
//import org.springframework.beans.factory.annotation.Autowired;
//import org.springframework.beans.factory.annotation.Value;
//import org.springframework.context.annotation.Configuration;
//import org.springframework.http.HttpMethod;
//import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
//import org.springframework.security.config.annotation.authentication.configurers.provisioning.InMemoryUserDetailsManagerConfigurer;
//import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
//import org.springframework.security.config.annotation.web.builders.HttpSecurity;
//import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
//import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
//import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
//import org.springframework.security.crypto.password.PasswordEncoder;
//import org.springframework.security.crypto.password.Pbkdf2PasswordEncoder;
//
//import org.springframework.security.core.userdetails.UserDetails;
//import org.springframework.security.core.userdetails.User;
//
//import javax.sql.DataSource;
//
//
///**
// * hzsai 2019/8/2
// * usage:
// **/
//@Configuration
//@EnableWebSecurity
//@EnableGlobalMethodSecurity(prePostEnabled = true)
//public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
//
////    @Autowired
////    private DataSource source = null;
//
//    @Autowired
//    private MyAccessDeniedHandler deniedHandler;
//
//    @Autowired
//    private MyAuthenticationEntryPoint entryPoint;
//
//    @Value("${system.user.password.secret}")
//    private String secret = null;
//
//    private String pwdQuery = " select user_name, pwd, available from t_user where user_name = ?;";
//
//    private String roleQuery = " select u.user_name, r.role_name from t_user u, t_role r, t_user_role ur" +
//            " where u.id = ur.id and ur.id = r.id";
//
//    @Override
//    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
//        // super.configure(auth);
//        // BCryptPasswordEncode()加密方式是不可逆的
//        PasswordEncoder encoder = new BCryptPasswordEncoder();
////        auth.jdbcAuthentication().dataSource()
//        auth.inMemoryAuthentication()
//                .passwordEncoder(encoder)
//                .withUser("admin")
//                .password("$2a$10$LsStp0552mCcrw5hD3ZqlOPo9N0vd4z2I9gXHheT3yC.xZMmWwIC2")
//                .roles("USER", "ADMIN")
//                .and()
//                .withUser("hzsai")
//                // encode.encode("123456")
//                .password("$2a$10$LsStp0552mCcrw5hD3ZqlOPo9N0vd4z2I9gXHheT3yC.xZMmWwIC2")
//                .roles("USER");
//    }
//
//    @Override
//    protected void configure(HttpSecurity http) throws Exception {
//        //super.configure(http);
//
//        http.csrf().disable();
//        http.authorizeRequests()
//                .antMatchers(
//                        HttpMethod.GET,
//                        "/",
//                        "/*.html",
//                        "/*.css",
//                        "/*.js",
//                        "/favicon.icon",
//                        "/v2/api-docs/**"
//                ).permitAll()
//                .antMatchers(HttpMethod.GET,"/async/generate/").hasRole("ADMIN")
//                .antMatchers(HttpMethod.OPTIONS).permitAll()
//                .anyRequest().authenticated()
//                .and().formLogin()
//                .and().httpBasic();
////                .permitAll()
////                .anyRequest()
//        http.headers().cacheControl();
//
////        // 自定义授权异常处理
////        http.exceptionHandling()
////                .accessDeniedHandler(deniedHandler) // 登录了，但是没有授权的结果返回
////                .authenticationEntryPoint(entryPoint); // 没有登录的结果返回
//    }
//
//    // 在内存上进行的springsecurity设置适用于测试的环境，内存缓存用户信息，而且会占用JVM内存
////    @Override
////    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
////        //super.configure(auth);
////        PasswordEncoder encoder = new BCryptPasswordEncoder();
////        InMemoryUserDetailsManagerConfigurer<AuthenticationManagerBuilder>
////                configurer = auth.inMemoryAuthentication().passwordEncoder(encoder);
////        configurer.withUser("admin")
////                .password("$2a$10$LsStp0552mCcrw5hD3ZqlOPo9N0vd4z2I9gXHheT3yC.xZMmWwIC2")
////                .authorities("USER", "ADMIN");
////        configurer.withUser("hzsai")
////                .password("$2a$10$LsStp0552mCcrw5hD3ZqlOPo9N0vd4z2I9gXHheT3yC.xZMmWwIC2")
////                .authorities("USER");
////    }
//
//
////    @Override
////    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
////        auth.userDetailsService()
////        PasswordEncoder encoder = new Pbkdf2PasswordEncoder(this.secret);
////
////        auth.jdbcAuthentication()
////                .passwordEncoder(encoder)
////                .dataSource(source)
////                .authoritiesByUsernameQuery(roleQuery)
////                .usersByUsernameQuery(pwdQuery);
////
////    }
//}
